Skip to main content
CVE-2021-3018 CRITICAL POC THREAT Act Now

ipeak Infosystems ibexwebCMS (aka IPeakCMS) 3.5 is vulnerable to an unauthenticated Boolean-based SQL injection via the id parameter on the /cms/print.php page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Ipeakcms
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
19.5%
CVE-2021-21234 HIGH POC PATCH THREAT This Week

spring-boot-actuator-logview in a library that adds a simple logfile viewer as spring boot actuator endpoint. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Java Spring Boot Actuator Logview
NVD GitHub
CVSS 3.1
7.7
EPSS
21.2%
CVE-2021-3019 HIGH POC PATCH THREAT This Week

ffay lanproxy 0.1 allows Directory Traversal to read /../conf/config.properties to obtain credentials for a connection to the intranet. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Lanproxy
NVD GitHub
CVSS 3.1
7.5
EPSS
19.0%
CVE-2021-3021 CRITICAL Act Now

ISPConfig before 3.2.2 allows SQL injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Ispconfig
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-22492 HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Broadcom Bluetooth chipsets) software. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Broadcom Android
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2021-3026 MEDIUM This Month

Invision Community IPS Community Suite before 4.5.4.2 allows XSS during the quoting of a post or comment. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ips Community Suite
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-3022 MEDIUM This Month

An issue was discovered on LG mobile devices with Android OS 10 software. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-22495 MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) (Exynos chipsets) software. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption Android
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-22494 MEDIUM This Month

An issue was discovered in the fingerprint scanner on Samsung Note20 mobile devices with Q(10.0) software. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy